Method and apparatus for ciphering data in wireless communication system

ABSTRACT

An apparatus for ciphering data in a wireless communication system. The apparatus includes a memory which stores data to be ciphered; a controller which outputs a cipher command for each layer of a wireless protocol; a protocol processing unit including a cipher hardware, which receives the cipher command outputted from the controller, reads data to be ciphered from the memory, ciphers the data and outputs the ciphered data, and a transmission data processing unit, which receives ciphered data that is directly outputted from the cipher hardware, adds a header for transmission and generates a data packet; and an RF communication unit which directly receives the generated data packet and transmits the received data packet.

PRIORITY

This application claims priority under 35 U.S.C. §119 to Korean PatentApplication No. 10-2009-0046009, which was filed in the KoreanIntellectual Property Office on May 26, 2009, the content of which isincorporated herein by reference.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention generally relates to a method and apparatus forciphering data in a wireless communication system, and moreparticularly, to a method and apparatus for ciphering data, whichtransmits ciphered data directly to a Radio Frequency (RF) communicationunit, which operates at the physical layer, without transmitting thedata to a memory, using a protocol processing unit which cansimultaneously perform ciphering and transmission data processing.

2. Description of the Related Art

In W-CDMA (Wideband Code Division Multiple Access) and HSPA (High SpeedPacket Access) of 3GPP (3^(rd) Generation Partnership Project), theciphering process of security level 1 is stipulated to process in eachprotocol and layer of RRC (Radio Resource Control)/RLC (Radio LinkControl)/MAC (Media Access Control). Here, security level 1 refers to asecurity level in a layer, where a terminal and a base station directlytransmit and receive data.

With respect to a layer where ciphering is processed, in the RRC layer,a control message is transmitted, and in the RLC/MAC layer, user data istransmitted. Particularly, the method of transmitting data whentransmitting user data is classified into UM (Unacknowledge Mode), AM(Acknowledge mode) and TM (Transparent Mode), and UM/AM mode data areciphered in RLC layer and TM mode data are ciphered in MAC sub-layer.

Further, the existing method of implementing ciphering can be classifiedinto a method of using software and a method of using hardware. Whenciphering is implemented using software, the controller of a transceiver(a terminal or a base station) should read and cipher data stored in amemory, and then store the data in the memory again. Such a method canbe easily implemented in case the data transmission rate does not haveto be as high as in control message processing, but the processing timecan be delayed if high data transmission rate is needed.

Additionally, if the case ciphering is implemented in hardware, if thecontroller of a transceiver transmits information for ciphering datastored in a memory to a cipher hardware, the cipher hardware reads datafrom the memory, ciphers the data, and stores the ciphered data in thememory again. Such a method is a general ciphering method that is usedto process data with a high transmission rate.

However, in order to transmit data, a MAC packet needs to be generatedby adding a MAC header to the ciphered data. To this end, the cipherhardware should access a memory again and read ciphered data. Thus, thenumber of times of memory accessed by the cipher hardware increases,thereby finally delaying the data processing.

Hence, there is a need for a method of ciphering data, which can quicklyperform data ciphering and transmission processing.

SUMMARY OF THE INVENTION

The present invention has been made in view of the above problems, andprovides a protocol processing unit, which can simultaneously performciphering and transmission data processing. The protocol processing unitis implemented by hardware logic, and ciphered data can be directlytransmitted to an RF communication unit by adding a MAC header withouttransmitting the data to a memory.

In accordance with an aspect of the present invention, an apparatus forciphering data in a wireless communication system includes a memory,which stores data to be ciphered; a controller, which outputs a ciphercommand for each layer of a wireless protocol; a protocol processingunit including a cipher hardware, which receives the cipher commandoutputted from the controller, reads data to be ciphered from thememory, ciphers the data and outputs the ciphered data, and atransmission data processing unit, which receives ciphered data that isdirectly output from the cipher hardware, adds a header for transmissionand generates a data packet; and an RF communication unit which directlyreceives the generated data packet and transmits the received datapacket.

In accordance with another aspect of the present invention, a method ofciphering data in a wireless communication system includes reading datato be ciphered from a memory when receiving a cipher command by a cipherhardware; ciphering the read data and directly outputting the ciphereddata to a transmission data processing unit by the cipher hardware;directly receiving the output ciphered data and generating a data packetby adding a header for transmission by the transmission data processingunit; and directly receiving the generated data packet transmitted fromthe transmission data processing unit and transmitting the received datapacket by an RF communication unit.

According to the present invention, a protocol processing unit, whichcan perform both ciphering and transmitted data processing at the sametime, does not transmit ciphered data to a memory, but directlytransmits to an RF communication unit, a physical layer, by adding a MACheader, so that the number of times memory is accessed is reduced,thereby increasing the data processing speed

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other aspects, features, and advantages of certainembodiments of the present invention will be more apparent from thefollowing description taken in conjunction with the accompanyingdrawings, in which:

FIG. 1 illustrates cipher hardware, which ciphers data according aciphering command received from each layer according to the prior art;

FIG. 2 illustrates memory being accessed a number of times and a datatransmission path according to a ciphering process and a MAC headeradding process in order to explain the problem in the prior art;

FIG. 3 is a block diagram illustrating a structure of a transmission andreception device, which can perform data ciphering according to anembodiment of the present invention;

FIG. 4 is a block diagram illustrating a structure of a Lower MAC(LMAC), which is an implementation of a protocol processing unit 330 asactual hardware logic;

FIG. 5 illustrates the number of times memory is accessed and a datatransmission path for a ciphering process and a MAC header addingprocess according to an embodiment of the present invention; and

FIG. 6 is a flowchart illustrating an operation of a protocol processingunit 330 according to an embodiment of the present invention.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION

Embodiments of the present invention are described with reference to theaccompanying drawings in detail. The same reference numbers are usedthroughout the drawings to refer to the same or like parts. Detaileddescriptions of well-known functions and structures incorporated hereinmay be omitted to avoid obscuring the subject matter of the presentinvention.

In the 3GPP standard, the term “cipher” is used for ciphering in anuplink, and the term “decipher” is used for ciphering in a downlink, butin the present invention, the term “cipher” or “ciphering” is used forboth “cipher” and “decipher” for the convenience of illustration.

In addition, the ciphering algorithm described in the present inventioncan be “kasumi” or “snow 3G”, but the present invention is not limitedto such examples, and can include any method that can cipher datatransmitted in the transmission and reception terminal.

FIG. 1 illustrates cipher hardware, which ciphers data according to aciphering command received from each layer according to the prior art.

As mentioned above, in security level 1 of the wireless communicationsystem of the present invention, the wireless protocol in charge of datatransmission can be classified into a RRC layer 110, a RLC layer 120 anda MAC sub-layer 130 or the like. In this case, in the RRC layer 110, acontrol message is transmitted, and in the RLC 120 and the MAC 130sub-layer, user data is transmitted. Particularly, the data transmissionmethod when transmitting user data is classified into UM (UnacknowledgeMode), AM (acknowledge Mode), and TM (Transparent Mode), and UM/AM modedata is ciphered in RLC layer and TM mode data is ciphered in MAC layer.

To this end, each protocol and sub-layer 110, 120 and 130 illustrated inFIG. 1 transmits information for data to be ciphered and a ciphercommand to a cipher hardware 140. Then, the cipher hardware 140 receivesa cipher command from each layer, reads data to be ciphered from thememory and ciphers the data. In addition, the cipher hardware 140transmits the ciphered data to the memory and stores the data in thememory.

Further, ciphered data is finally transmitted to the MAC sub-layer fortransmission, and in this case, the MAC sub-layer generates a MAC packetby adding a MAC header to transmitted ciphered data, and outputs thegenerated MAC packet to the RF transmission and reception unit. Here,the RF transmission and reception unit may correspond to the physicallayer (PHY).

In this case, there is a disadvantage in that an additional memoryaccessing process is required in order for ciphered data to betransmitted to the MAC sub-layer, and the data processing is delayed dueto the additional memory access. Such a problem is described in detailin FIG. 2.

FIG. 2 illustrates the number of times memory must be accessed and adata transmission path according to a ciphering process and a MAC headeradding process in order to explain the problem of the prior art.

The controller 210 illustrated in FIG. 2 controls the data generation,processing and ciphering processes in each protocol layer. Accordingly,if data is generated in each layer, the controller 210 stores thegenerated data in step S201.

Thereafter, the controller 210 transmits ciphering-related informationto the ciphering hardware 230. Here, the ciphering-related informationincludes a ciphering parameter and a memory address where data to beciphered is stored.

Additionally, the cipher hardware 230 accesses the memory and reads datato be ciphered using memory address information in step S202. Inaddition, the ciphering hardware 230 ciphers data, which is read fromthe memory according to a cipher function in step S203, and writes theciphered data in the memory 220 in step S204.

Thereafter, when the cipher hardware 230 receives a packet generationand transmission command from the MAC sub-layer, the cipher hardware 230accesses the memory 220 again, reads the ciphered data, and transmitsthe data to the RF communication unit 240 of the physical layer 240(PHY).

Considering the data ciphering and transmission processing process, thecipher hardware 230 accesses the memory in steps S202, S204 and S205. Inother words, according to the prior art, three memory accesses areneeded for data ciphering and transmission processing.

As stated above, as the number of times of accessing the memoryincreases, the data processing is delayed. Thus, a method of reducingthe number of times memory is accessed in the data ciphering andtransmission processing process and a structure of a transceiver forperforming the method is desirable.

FIG. 3 is a block diagram illustrating a structure of a transceiver,which can perform data ciphering according to an embodiment of thepresent invention.

As illustrated in FIG. 3, the transceiver may include a controller 310,a memory 320, a protocol processing unit 330, and a RF communicationunit 340. In this case, the protocol processing unit 330 mayfunctionally further include a cipher hardware 330A and a transmissiondata processing unit 330B.

The below-described protocol processing unit 330, which, according tothe present invention is implemented by hardware logic, not by software.In case the ciphering process of the protocol processing unit 330 isimplemented by software, the CPU or DMAC (Direct Memory AccessController) should write ciphered data in the original memory. Hence, inorder to directly transmit the ciphered data to the physical layer, theprotocol processing unit 330, which performs ciphering, should beimplemented by hardware logic.

The controller 310 controls the overall operation of a transmitter or areceiver. Particularly, the controller 310 according to an embodiment ofthe present invention generates a ciphering command of each layercorresponding to RRC (Radio Resource Control), RLC (Radio Link Control)and MAC (Media Access Control) in security level 1. In addition, thecontroller 310 transmits information for data to be ciphered and theciphering command to the protocol processing unit 330. Here, informationfor data to be ciphered includes a ciphering parameter and a memoryaddress where data to be ciphered is stored.

The memory 320 stores data, which is processed in each layer accordingto the controller 310. The data is ciphered by the protocol processingunit 330.

As stated above, the protocol processing unit 330 is implemented byhardware logic in order to directly transmit ciphered data to thephysical layer. Additionally, according to an embodiment of the presentinvention, the protocol processing unit 330 may be an LMAC (Lower MAC),which processes some functions of the MAC layer and RLC layer byhardware.

The LMAC can be defined as a hardware accelerator of the second layer(MAC and RLC) of the wireless connection protocol. When processing eachof the layers, the LMAC processes some functions of the MAC layer andRLC layer by hardware because the existing implementation method, usingonly software, delays the data processing due to the large number ofmemory accesses.

Further, the protocol processing unit 330 receives a ciphering commandand information on data to be ciphered from the controller 310. Then,the protocol processing unit 330 reads data from the memory 320 using amemory address where data to be ciphered is stored. The protocolprocessing unit 330 includes a separate control block in order toperform such a process, but the control block is not illustrated indrawings for convenience of illustration.

According to an embodiment of the present invention, the protocolprocessing unit 330 may further include a cipher hardware 330A and atransmission data processing unit 330B. The cipher hardware 330A ciphersdata, which the protocol processing unit 330 read from the memory 320.In this case, the cipher hardware 330A performs ciphering using a cipherparameter, which is received from the controller 310. In this case, thecipher hardware 330A can perform ciphering using ciphering algorithms of“kasumi” or “snow 3G”, but the present invention is not limited to suchexamples, and can include any method which can cipher data transmittedfrom the transmission and reception terminal.

Additionally, the cipher hardware 330A directly transmits ciphered datato the transmission data processing unit 330B according to an embodimentof the present invention. In case such blocks are implemented bysoftware, the ciphered data cannot be directly transmitted to thetransmission data processing unit 330B, and must necessarily be writtenin the memory 320. Hence, in the present invention, in order to transmitciphered data directly to the transmission data processing unit 330B,the protocol processing unit 330 including the cipher hardware 330A andthe transmission data processing unit 330B is implemented in hardware.

The transmission data processing unit 330B receives ciphered datatransmitted from the cipher hardware 330A. Additionally, thetransmission data processing unit 330B generates a packet by adding aheader for transmission to the ciphered data, and outputs the packet toan RF communication unit 340, which is a physical layer. The ciphereddata is finally transmitted to the MAC layer for transmission, and theMAC header is added to the ciphered data in the MAC layer. Hence, theheader, which is added to the ciphered data by the transmission dataprocessing unit 330B, is a MAC header, and the generated packet is a MACpacket.

Additionally, the transmission data processing unit 330B adds an MACheader to the ciphered data, and then outputs the data to the RFcommunication unit 340, which is a physical layer.

As stated above, the protocol processing unit 330 of the presentinvention adds a MAC header to ciphered data, and directly outputs thedata to the RF communication unit 340, which is a physical layer. Hence,according to the present invention, the process of storing ciphered datain the memory and accessing the memory again for adding a MAC header canbe omitted, so that the number of times of memory accesses can bereduced, thereby increasing the data processing speed.

The RF communication unit 340 corresponds to a physical layer (PHY)among layers of the wireless connection protocol, and receives datadirectly transmitted from the protocol processing unit 330, andtransmits the received data.

FIG. 4 is a block diagram illustrating a structure of an LMAC, which isan implementation of a protocol processing unit 330 as actual hardwarelogic. FIG. 4 illustrates a structure of both a transmission LMAC 415and a reception LMAC 420, but the protocol processing unit 330illustrated in FIG. 3 may correspond to only the transmission LMAC 415.

Hereinafter, an LMAC including both the transmission LMAC 415 and thereception LMAC 420 is illustrated. As illustrated in FIG. 4, the LMACreads and writes data through AXI L2 main bus 405 and reads and writesregisters through L3 peripheral bus 410. The LMAC is classified into atransmission path (TX path) and a reception path (RX path), and isdesigned to correspond to the transmission LMAC (TX LMAC) 415 for thetransmission path and to the reception LMAC (RX LMAC) 420 for thereception path.

The transmission LMAC (TX LMAC) 415 interfaces an encoder buffer 430 ofa modem transmitter 425, and the reception LMAC (RX LMAC) 420 interfacesa modem receiver 435, which consists of memory interfaces and isdesigned to process burst data.

Considering the contents of the LMAC, the LMAC consists of thetransmission LMAC 415 and the reception LMAC 420, and each hasstructurally the same format. Structurally an eXDMAC 445 externallyreads and writes a memory through AXI master port, and internally readsand writes data through cipher/decipher input FIFO 450 and 455 andencoder/decoder buffer 430 and 440. TX/RX LMAC controller 460 and 465controls all functions based on R99/R6/R7, which needs to be provided inTX/RX LMAC 415 and 420.

If the protocol processing unit 330 of FIG. 3 and the actual blockdiagram of FIG. 4 are compared, the ciphering unit 330A of FIG. 3corresponds to Cipher 450 of FIG. 4, and the transmission dataprocessing unit 330B of FIG. 3 may correspond to the transmission LMACcontroller 460 and eXDMAC 445 of FIG. 4.

FIG. 5 illustrates the number of times of accessing a memory and a datatransmission path for a ciphering process and a MAC header addingprocess according to an embodiment of the present invention.

The controller 310 illustrated in FIG. 5 controls the data generation,processing and ciphering process in each protocol layer. As such, ifdata is generated in each layer, the controller 310 stores the generateddata in a memory 320 in step S501.

Thereafter, the controller 310 transmits ciphering-related informationto the protocol processing unit 330. Then, the protocol processing unit330 accesses the memory 320 and reads data to be ciphered in step S502.The protocol processing unit 330 ciphers data, which was read from thememory according to the ciphering, function in step S503. Thereafter,the protocol processing unit 330 generates a packet (MAC packet) byadding a header in order to transmit the ciphered data. In addition, theprotocol processing unit 330 directly transmits the generated packet tothe RF communication unit 340, which operates at the physical layer.

If the above point is compared with FIG. 2, according to the existingciphering method illustrated in FIG. 2, in order to generate a datapacket for transmission, three memory accesses in steps S202, S204 andS205 were needed. However, according to the ciphering method illustratedin FIG. 5, according to the present invention, only one memory access instep S502 is required in order to generate a data packet fortransmission. Hence, in the present invention, when the protocolprocessing unit 330 ciphers data, the number of times of memory accessesis reduced, thereby increasing the data processing speed.

FIG. 6 is a flowchart illustrating an operation of a protocol processingunit 330 according to an embodiment of the present invention.

First, the protocol processing unit 330 determines whether a ciphercommand and information for data to be ciphered were received from eachlayer in step S610. In case a cipher command is not received, a standbystate is maintained until a cipher command is received.

If a cipher command is received, the protocol processing unit 330 readsdata from the memory 320 using a memory address where data to beciphered is stored in step S620. In addition, the protocol processingunit 330 controls the cipher hardware 330A, which the protocolprocessing unit 330 has to perform ciphering in step S630.

In this case, the cipher hardware 330A performs ciphering using a cipherparameter which is received from each layer, and can use a cipheringalgorithm of “kasumi” or “snow 3G”.

A MAC header should be added to ciphered data for transmission, and theprotocol processing unit 330 controls the transmission processing unit330B to generate a MAC packet by adding a MAC header to the ciphereddata in step S640. In addition, the protocol processing unit 330controls the transmission data processing unit 330B to directly transmitthe generated MAC packet to the RF communication unit 340 which at thephysical layer.

Although embodiments of the present invention have been described indetail hereinabove, it should be clearly understood that many variationsand modifications of the basic inventive concepts herein taught whichmay appear to those skilled in the present art will still fall withinthe spirit and scope of the present invention, as defined in theappended claims.

1. An apparatus for ciphering data in a wireless communication system,the apparatus comprising: a memory, which stores data to be ciphered; acontroller, which outputs a cipher command for each layer of a wirelessprotocol; a protocol processing unit which comprises a cipher hardware,which receives the cipher command outputted from the controller, readsdata to be ciphered from the memory, ciphers the data and outputs theciphered data, and a transmission data processing unit, which receivesciphered data that is directly outputted from the cipher hardware, addsa header for transmission and generates a data packet; and an RFcommunication unit, which directly receives the generated data packetand transmits the received data packet.
 2. The apparatus of claim 1,wherein the cipher command includes information on data to be ciphered.3. The apparatus of claim 2, wherein information on data to be cipheredcomprises a cipher parameter and a memory address where data to beciphered is stored.
 4. The apparatus of claim 1, wherein the cipheringis performed by one of a RRC (Radio Resource Control) layer, a RLC(Radio Link Control) layer and a MAC (Media Access Control) sub-layer.5. A method of ciphering data in a wireless communication system, themethod comprising: reading data to be ciphered from a memory, whenreceiving a cipher command by a cipher hardware; ciphering the read dataand directly outputting the ciphered data to a transmission dataprocessing unit by the cipher hardware; directly receiving the outputtedciphered data, and generating a data packet by adding a header fortransmission by the transmission data processing unit; and directlyreceiving the generated data packet transmitted from the transmissiondata processing unit and transmitting the received data packet by an RFcommunication unit.
 6. The method of claim 5, wherein, in receiving acipher command, the cipher hardware receives the cipher command andinformation on data to be ciphered.
 7. The method of claim 6, whereinthe information on the data to be ciphered comprises a cipher parameterand a memory address where data to be ciphered is stored.
 8. The methodof claim 5, wherein the ciphering is performed with respect to one of aRRC (Radio Resource Control) layer, a RLC (Radio Link Control) layer anda MAC (Media Access Control) sub-layer.